wesnoth (1.2.6-1ubuntu2.2) gutsy-security; urgency=low

  * SECURITY UPDATE: Do not allow '../' in file paths. It allowed others
    to view the content of files in the remote computers.
  * debian/patches/CVE-2007-5742: added, taken from upstream SVN r21904.
  * References:
    CVE-2007-5742.
    LP: #172783.

 -- Emilio Pozuelo Monfort <[EMAIL PROTECTED]>   Sun, 02 Dec 2007
21:30:03 +0100

** Changed in: wesnoth (Ubuntu Gutsy)
       Status: Fix Committed => Fix Released

** Changed in: wesnoth (Ubuntu Feisty)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-3917

-- 
wesnoth exploit allows others to view the content of files on a remote computer
https://bugs.launchpad.net/bugs/172783
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to